Author image Reuven M. Lerner

NAME

    Apache::CodeRed - Responds to CodeRed worm attacks with e-mail warnings

SYNOPSIS

    In your httpd.conf, put the following:

        PerlModule      Apache::CodeRed

        <Location /default.ida>
            SetHandler perl-script
            PerlHandler Apache::CodeRed
        </Location>

DESCRIPTION

    This Perl module should be invoked whenever the CodeRed or
    CodeRed2 worm attacks.  We don't have to worry about such attacks
    on Linux boxes, but we can be good Internet citizens, warning the
    webmasters on infected machines of the problem and how to solve
    it.

BUGS

    If the remote IP address fails a reverse DNS lookup, we don't send
    e-mail to anyone associated with that host.  (We do, however,
    submit the IP address to SecurityFocus.)  It would be nice to
    automatically determine which ISP is responsible for a particular
    IP address, and contact them automatically.

LICENSE

    You may distribute this module under the same license as Perl itself.

AUTHOR

    Reuven M. Lerner, reuven@lerner.co.il

    Thanks to Randal Schwartz, David Young, and Salve J. Nilsen for
    their suggestions.

SEE ALSO

mod_perl.